Accepting request 973084 from home:dimstar:Factory

- Enhance zgrep-profile-mr870.diff to also allow/support zstd (boo#1198922). OBS-URL: https://build.opensuse.org/request/show/973084 OBS-URL: https://build.opensuse.org/package/show/security:apparmor/apparmor?expand=0&rev=328
2022-04-27 12:32:57 +00:00 · 2022-04-27 12:32:57 +00:00 · a9656c2801
commit a9656c2801
parent f1c2c7aee9
2 changed files with 12 additions and 5 deletions
--- a/apparmor.changes
+++ b/apparmor.changes
@ -1,3 +1,9 @@
 -------------------------------------------------------------------
 Wed Apr 27 10:07:47 UTC 2022 - Dominique Leuenberger <dimstar@opensuse.org>
 - Enhance zgrep-profile-mr870.diff to also allow/support zstd
  (boo#1198922).
 -------------------------------------------------------------------
 Sat Apr 16 20:33:13 UTC 2022 - Christian Boltz <suse-beta@cboltz.de>
--- a/zgrep-profile-mr870.diff
+++ b/zgrep-profile-mr870.diff
@ -13,12 +13,11 @@ This prevents exploiting https://www.openwall.com/lists/oss-security/2022/04/08/
 1 file changed, 59 insertions(+)
 create mode 100644 profiles/apparmor.d/zgrep
-diff --git a/profiles/apparmor.d/zgrep b/profiles/apparmor.d/zgrep
+Index: apparmor-3.0.4/profiles/apparmor.d/zgrep
-new file mode 100644
+===================================================================
 index 000000000..0bf0765d1
 --- /dev/null
-+++ b/profiles/apparmor.d/zgrep
+++ apparmor-3.0.4/profiles/apparmor.d/zgrep
-@@ -0,0 +1,60 @@
+@@ -0,0 +1,62 @@
 +# ------------------------------------------------------------------
 +#
 +#    Copyright (C) 2021 Christian Boltz
@ -50,6 +49,7 @@ index 000000000..0bf0765d1
 +  /usr/bin/xz Cx -> helper,
 +  /usr/bin/xzgrep r,
 +  /usr/bin/zgrep Cx -> helper,
 +  /usr/bin/zstd Cx -> helper,
 +  owner /tmp/zgrep* rw,
 +  /usr/bin/zgrep r,
 +
@ -66,6 +66,7 @@ index 000000000..0bf0765d1
 +    /usr/bin/grep mr,
 +    /usr/bin/gzip mr,
 +    /usr/bin/xz mr,
 +    /usr/bin/zstd mr,
 +    /{,**} r,
 +
 +  }